Cybercriminals have recently taken a new approach to piracy in user devices, branching in Internet of things to attack security cameras. Although the implications are worrisome, the first attack turned out to be a fairly innocuous and largely ineffective attempt to mine bitcoins.
What is Bitcoin Mining?
Bitcoins are a popular form of digital currency widely used among criminals, digital and otherwise. While there is nothing illegal about bitcoins themselves, their nature, attracts a disreputable. Bitcoins are virtually untraceable, them a preferred payment method for many illegal activities making. Although the FBI closed the Silk Road, which was an online market for illegal drugs that worked on bitcoins, hackers nevertheless often use this money to collect payment for their services.
Bitcoins can be exchanged between users who have accumulated money, but they can also be operated, which is an attractive prospect for those looking to make some quick cash. For mine bitcoins, users essentially contribute to the processing power of the endless activity to check bitcoin transactions. Run the right software does not guarantee a return on investment, however, the software is essentially whistling through the possible combinations to unlock hidden bitcoins jackpots.
How the security cameras were involved
Johannes Ullrich of the SANS Technology Institute discovered a new form of malware that infects DVRs used for security. The malware is unique because it is actually designed to run on an ARM infrastructure. While most types of malware are written for Windows or Linux machines, it has been clearly established to go right past and target a machine quite different. This is a natural side effect of the Internet continuously expanding things where even everyday objects are part of the interconnected infrastructure of the Internet.
What the malware does
Fortunately for all those infected with this malware, it is a relatively harmless bug. The malware performs two basic actions: It searches for other machines that can infect the network, and installs to try to exploit some bitcoins
As to infect other machines, the malware is relatively powerful .. Although not confirmed, it is expected that the malware infects new systems by accessing user names and default passwords. This particular program is Hikvision devices, which come with a predictable default username and password for root that is pathetically easy to hack (12345). The real weakness in the security system is that some users think of changing this password, leaving the largest digital video recorder open to attack.
Digital video recorders are not only sensitive machines the virus, either. Ullrich also posted an update stating that the file was found on a router as well. In Internet interconnected things today, this type of malware could end up with extended range.
Bitcoin Seeking Success
Although the premise behind the malware is unique and amazingly dangerous, this draft code makes one malicious act beyond the broadcast range. As a tool to mine bitcoins, the malware is pathetically ineffective. The low ARM chip is a relatively low-power processor, making it one of the worst choices for Bitcoin mining. Although cybercriminals seemed to know exactly what they were doing when they wrote the code to attack systems ARM, they apparently did not consider the system's effectiveness for Bitcoin mining.
The effort is so laughable that technology professionals have taken to Twitter mocking malware. The co-founder and CTO of Veracode, a review of farm code, even said that the malware is essentially "just wasting electricity."
Similar attempts Bitcoin
it is not the first time that hackers have tried to use mine bitcoins unusual devices. in early 2014, another piece of malware was found infecting Android phones. the malware would drain the battery of the phone to significantly while using its CPU to mine for bitcoins. This, too, was largely ineffective attempt to cash in on bitcoins, but he created a big problem for Android users. a researcher has installed malicious software on his phone analyze its effects and found that after four hours of mining, which uses the phone's battery, the malware sample less than a penny.
Although these programs do not earn their keep on single machine, perhaps the developers hoped to take advantage of the scale rather than power. If untended, the malware could spread unchecked, adding countless weak systems to the effort that can begin to see a small amount of success if the net was cast wide enough.
The consequences of malware ARM
More worrisome than the growing trend of hacking new features for bitcoin mining is the implication that this type of malware door. Fortunately, the program was designed only to look for virtual currency. It could, however, could easily be used to spy anyone in sight of the security camera. So far, ARM devices have been widely overlooked as a potential weak point in the architecture of a system, with the greatest attention goes to Windows and Linux machines sensitive.
Although these cybercriminals were ineffective in their attempts to cash, there does not know what they could have obtained if they had used malware for a different purpose and diverted images instead the processing power of the security camera. This attack shines a light on a new low that almost all technology users should be aware of.
The protection of the Internet of Things
This is not the first time someone has realized that we must pay particular attention to the Internet of things, but can -be it will add fuel to the fire to intensify efforts to keep connected devices safely. Internet routers, IP phones, video consoles, and all kinds of appliances that connect to the Internet, smart refrigerators for controlled applications thermostats, may have weaknesses just waiting for hackers to exploit . The underlying issue behind this attack is not a question of protecting against bitcoin miners, but a matter of protecting all devices connected against attacks.
As the Internet of Things develops, cybercriminals are likely to find new ways to exploit it. Informed consumers should do what they can to stay ahead of the trend.
0 Komentar